A week ago the media was full of the huge scandal of over 700,000 clinical correspondence documents – including details of sensitive patient conditions – going missing and instead of being delivered to GPs being dumped in rooms.

The story was originally broken by the Guardian in February this year which revealed that NHS England was secretly working on how to sort out it without disclosing the scandal to the public. Jeremy Hunt had made a perfunctory statement to Parliament in 2016 not disclosing the full state of affairs in July 2016.

Last week the National Audit Office published a very thorough investigation into the scandal – including discovering that somehow the NHS also lost highly confidential reports dating back to 2005 which identified children subject to child protection orders which must never be disclosed to the public without the individual’s consent. And in 1788 cases it look possible that patient treatment could have been harmed as a result.

The mislaid and unprocessed correspondence covers GPs and now abolished Primary Care Trusts in the East Midlands, North East London and South West England .

The NHS has paid GPs £2.6m up front to examine the mislaid documents but they have yet to complete the work so a proper picture can still not be obtained.

In one bizarre incident some 205,000 documents were kept in a room marked “ clinical notes”. The report says: “A subsequent review found that the label had been removed by an SBS general manager because “you don’t want to advertise what’s in that room”.

“ NHS SBS told us that it was important that documents were held securely and therefore not having a label on the door was appropriate as part of this.”

Now this scandal is bad enough but in the small print of the National Audit Office report there lurked another extraordinary scandal – SBS and its auditors, BDO, decided to frustrate the National Audit Office finding out what had gone wrong.

Both the company and the auditor refused to hand over the files unless the National Audit Office signed an indemnity letter – which could get them off the hook should enraged patients decide to sue them for their negligence.

The NAO to its credit refused to do so and in its own report says, if it had, Parliament would not have been told the full story. As the report says:

“NHS SBS and BDO felt unable to share with us their reports into the incident unless we also signed a letter (which would indemnify them). This is common practice among audit organisations.

“We declined to sign any letter that would limit our ability to report on the incident.”

Instead the NAO used its statutory powers to force NHS England, which had copies of the documents after signing the indemnity letters, to hand them over.

Now NHS Shared Business Services was set up as a joint venture with the private sector under the Blair administration in 2004 when John ( now Lord ) Reid was health secretary. It was an equal partnership between the Department of Health and Xansa Ltd,a British outsourcing technology company 50 per cent owned by the staff. In 2007 it was taken over by Steria, a French rival, with British staff pocketing millions of pounds as the French paid a 70 per cent premium on the share price.

In 2014 Steria merged with another French rival Sopra creating a French owned global conglomerate. They are now planning to take over a Swedish firm

But two years before Andrew Lansley, then secretary of state for health, quietly and without any public announcement, transfered a single share to the French company, so it became the majority owner and could dictate policy. Just to make sure the Department of Health, which had civil servants on the board, declined to take up the directorships on the grounds of ” conflict of interest”.

I asked BDO and NHS Shared Business Services why they had sought to frustrate the NAO.

BDO replied putting the onus on the privatised company saying :

“BDO was in no way obstructive or concerned about making its reports accessible to the relevant third parties.”BDO has a contractual duty of confidentiality to clients as well as an ethical duty of confidentiality under the Code of Ethics of the Institute of Chartered Accountants in England & Wales (ICAEW). Therefore, unless required by law or regulation, we cannot disclose information to third parties (such as the NAO) without the express permission of our client.

The letters dealing with obtaining the necessary consents and agreeing the basis for access are drafted in accordance with professional guidance issued by the ICAEW. As the NAO report acknowledges in its report (paragraph 3.19), this is “common practice among audit organisations”.

Patients of the NHS are not a party to such letters and therefore their legal rights are completely unaffected.”

NHS Business Shared Services said :

“The recent NAO report highlights a number of failings in the mail redirection service provided to NHS England. We regret this situation and have co-operated fully with the National Audit Office in its investigation. All of the correspondence backlog has now been delivered to GP surgeries for filing and NHS England has so far found no evidence of patient harm. NHS SBS no longer provides this mail redirection service.”

There appear to be contradictions in both statements. I gather the safe delivery of clinical correspondence is now in the hands of Capita.